Marriott is now offering an easy way to confirm if your personal details were stolen in the massive Starwood hack that was revealed by the hotel giant in November 2018.
Guests who suspect their data may have been involved are being asked to fill out an online form, which will allow the company to make an accurate check. But the company is unable to say how long it will take to respond, saying only that it will reply “as soon as reasonably practicable and consistent with applicable law.”
Yes, it is rather ironic that you have to submit personal data to find out if your personal data was stolen. But if you feel you can still trust the company to handle your data in a secure manner, then the process has the potential to offer peace of mind about whether or not your details were caught up in the hack.
The damaging security breach, which was first reported in November last year, affected accounts that had used Starwood’s guest reservation database between 2014 and September 10, 2018.
The hack shocked many not only for its size, but also for the wide variety of data taken. The initial announcement suggested as many as 500 million guests were involved, with lifted information including a combination of name, address, date of birth, gender, phone number, email address, passport number, Starwood Preferred Guest account information, arrival and departure information, reservation date, and encrypted payment card numbers.
Having now removed duplicate records, Marriott announced in recent days that it’s been able to identify “approximately 383 million records as the upper boundary for the total number of guest records that were involved in the incident.”
It added that this doesn’t necessarily mean that 383 million unique guests were involved, “as in many instances, there appear to be multiple records for the same guest.”
What it can now say, with a fair degree of certainty, is that the stolen records included around 8.6 million unique payment card numbers, all of which were encrypted. Some 5.25 million unique unencrypted passport numbers and approximately 20.3 million encrypted passport numbers were also nabbed in the breach.
For the latest information on the hack, visit Marriott’s special webpage. Mention of the online form can be found at the top of the FAQs, under the question: “Was my information involved in the incident?”
Marriott acquired Starwood in September 2016 in a deal worth around $13.6 billion. Starwood brands include the likes of Le Meridien, Sheraton, St. Regis, Westin, and W Hotels, among others.